<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed');
// 验证，自动过滤了crsf

/**
* Validate
*/
class validate extends MY_Controller
{
	
	function __construct()
	{
		parent::__construct();
	}

	// 第三方
	public function aliApi() {
		require_once(LIBS_PATH . "alipay_api/alipay.config.php");
		require_once(LIBS_PATH . "alipay_api/lib/alipay_notify.class.php");
		require_once(LIBS_PATH . "alipay_api/lib/alipay_rsa.function.php");
		require_once(LIBS_PATH . "alipay_api/lib/alipay_core.function.php");
		//计算得出通知验证结果
		//logfile('$_POST:'.json_encode($_POST),'lalipay');
		$alipayNotify = new AlipayNotify($alipay_config);
		if($alipayNotify->getResponse($_POST['notify_id']))//判断成功之后使用getResponse方法判断是否是支付宝发来的异步通知。
		{
			if($alipayNotify->getSignVeryfy($_POST, $_POST['sign'])) {//使用支付宝公钥验签
				$out_trade_no = $_POST['out_trade_no'];

				$trade_no = $_POST['trade_no'];

				$trade_status = $_POST['trade_status'];

				if($trade_status == 'TRADE_FINISHED' || $trade_status == 'TRADE_SUCCESS') {

				}
				echo "success";
			} else {
				//验证签名失败
				echo "sign fail";
			}
		} else {
			//验证是否来自支付宝的通知失败
			echo "response fail";
		}
	}
}